Electronic apparatus and communication control method

ABSTRACT

According to one embodiment, an electronic apparatus comprises a communication module and a connection control module. The communication module is configured to execute close proximity wireless transfer. The connection control module is configured to start an operation of establishing a connection between the communication module and an external device which is in close proximity to the communication module if an identifier of the external device wirelessly transmitted from the external device is included in a connection permission list. The connection control module is configured to display a password entry screen if the identifier is not included in the connection permission list, and to add, if a password entered on the password entry screen matches with a registered password, the identifier to the connection permission list and start the operation of establishing the connection between the communication module and the external device.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.13/922,623 filed on Jun. 20, 2013 which is a continuation of U.S. patentapplication Ser. No. 12/873,637 filed Sep. 1, 2010, which is based uponand claims the benefit of priority from Japanese Patent Application No.2009-217942, filed Sep. 18, 2009, the entire contents of each of whichare incorporated herein by reference.

FIELD

Embodiments described herein relate generally to an electronic apparatuswhich executes close proximity wireless transfer, and a communicationcontrol method which is applied to the electronic apparatus.

BACKGROUND

In recent years, in IC cards, mobile phones, etc., wirelesscommunication such as near field communication (NFC) has begun to beused. A user can easily execute communication for an authenticationprocess, an accounting process, etc., simply by performing an operationof holding the IC card or mobile phone over a reader/writer module of ahost apparatus.

Recently, a novel close proximity wireless transfer technology, whichenables communication at high speed, has begun to be developed. In thisnovel close proximity wireless transfer technology, not onlyauthentication and accounting services can be performed between thedevices, but also data files of text data, video data and audio data canbe exchanged between the devices.

The communication range of close proximity wireless transfer is limitedto a short range of, e.g. several centimeters. This short range canreduce the risk of data theft in data communication between two devices.Thus, in the close proximity wireless transfer, security of a certainlevel can be ensured without performing, between devices, specialcommunication for pairing or inter-device authentication.

However, if data exchange between devices is unconditionally permittedby using, as a trigger, only a touch operation of bringing a certaindevice close to another device, it is possible that the data in thedevice, such as a computer, is stolen by a malicious third party. Forexample, if a malicious third party performs an operation of bringing adevice, which is owned by the malicious third party, close to a computerof a certain user, it is possible that the data in the computer isstolen.

Jpn. Pat. Appln. KOKAI Publication No. 2007-18398 discloses such acontrol technique that in an automatic teller machine (ATM) having ageneral-purpose I/F for an operation by a maintenance worker, a devicewhich is connected to the general-purpose I/F is registered in advancein the automatic teller machine (ATM), so that devices other than theregistered device cannot be used.

In the technique of KOKAI Publication No. 2007-18398, however, theautomatic teller machine cannot communicate at all with devices whichare not registered as the device that is to be connected.

In the close proximity wireless transfer, it is possible that variouskinds of electronic devices, such as mobile phones, digital cameras,PDAs and other countless mobile devices, become objects ofcommunication. Therefore, as a security function that is applied to theclose proximity wireless transfer, a scheme is needed to permit, wherenecessary, a connection to a device, which is not pre-registered as adevice that is the object of connection, thereby not to lose theusability of the close proximity wireless transfer.

BRIEF DESCRIPTION OF THE DRAWINGS

A general architecture that implements the various feature of theembodiments will now be described with reference to the drawings. Thedrawings and the associated descriptions are provided to illustrate theembodiments and not to limit the scope of the invention.

FIG. 1 is an exemplary block diagram showing the system configuration ofan electronic apparatus according to an embodiment;

FIG. 2 is an exemplary block diagram showing the structure of acommunication control program which is used in the electronic apparatusof the embodiment;

FIG. 3 is an exemplary perspective view showing the external appearanceof the electronic apparatus of the embodiment;

FIG. 4 illustrates an example of close proximity wireless transfer whichis executed between the electronic apparatus of the embodiment and anexternal device;

FIG. 5 shows an example of a software architecture for controlling closeproximity wireless transfer, which is applied to the electronicapparatus of the embodiment;

FIG. 6 is an exemplary flow chart illustrating a procedure of aconnection control operation which is executed by the electronicapparatus of the embodiment;

FIG. 7 shows a password registration screen which is displayed on adisplay of the electronic apparatus of the embodiment;

FIG. 8 shows an exemplary password entry screen which is displayed onthe display of the electronic apparatus of the embodiment;

FIG. 9 shows an example of a setup screen for close proximity wirelesstransfer, which is displayed on the display of the electronic apparatusof the embodiment;

FIG. 10 is an exemplary view for explaining device registration modeswhich are applied to the electronic apparatus of the embodiment;

FIG. 11 is an exemplary flow chart illustrating another procedure of theconnection control operation which is executed by the electronicapparatus of the embodiment;

FIG. 12 is an exemplary view for explaining the operation which isexecuted by the electronic apparatus of the embodiment when the deviceregistration mode is changed;

FIG. 13 shows an exemplary password re-registration confirmation screenwhich is displayed on the display of the electronic apparatus of theembodiment; and

FIG. 14 is an exemplary flow chart illustrating the procedure of thepassword re-registration process which is executed by the electronicapparatus of the embodiment.

DETAILED DESCRIPTION

Various embodiments will be described hereinafter with reference to theaccompanying drawings.

In general, according to one embodiment, an electronic apparatuscomprises a communication module and a connection control module. Thecommunication module is configured to execute close proximity wirelesstransfer. The connection control module is configured to start anoperation of establishing a connection between the communication moduleand an external device which is in close proximity to the communicationmodule if an identifier of the external device wirelessly transmittedfrom the external device is included in a connection permission list.The connection control module is configured to display a password entryscreen if the identifier is not included in the connection permissionlist, and to add, if a password entered on the password entry screenmatches with a registered password, the identifier to the connectionpermission list and start the operation of establishing the connectionbetween the communication module and the external device.

FIG. 1 shows the structure of an electronic apparatus according to anembodiment. The electronic apparatus 10 is realized, for example, as aportable computer, a mobile phone, a PDA, an audio player, or a TV. Theelectronic apparatus 10 includes a system control module 11, a memory12, a storage device 13, an input module 14, a liquid crystal display(LCD) 15, a sound controller 16, a speaker 17, an indicator 18, a powersupply control module 19, and a close proximity wireless transfer device20.

The system control module 11 controls the operations of the respectivecomponents in the electronic apparatus 10. The system control module 11is connected to the memory 12, storage device 13, input module 14, LCD15, sound controller 16, indicator 18, power supply control module 19and close proximity wireless transfer device 20. The system controlmodule 11 includes a CPU 101 a.

The CPU 101 a is a processor which executes an operating system andvarious application programs/utility programs, which are loaded from thestorage device 13 into the memory 12. The application programs/utilityprograms include a communication control program 12 a for controllingthe communication operation of the close proximity wireless transferdevice 20.

The communication control program 12 a has a function of discriminatingan identifier (unique ID) of each of devices (external devices), andenables the user to select an external device which can establish aconnection to the close proximity wireless transfer device 20. Theunique ID of the external device, which has been permitted to establisha connection to the close proximity wireless transfer device 20, isregistered in a connection permission list. If the unique ID, which iswirelessly transmitted from an external device A to the close proximitywireless transfer device 20, is registered in the connection permissionlist, the communication control program 12 a immediately starts anoperation for establishing a connection between the close proximitywireless transfer device 20 and the external device A, thereby toexecute data transfer between the close proximity wireless transferdevice 20 and the external device A. The connection permission list canrestrict external devices, which can establish a connection to the closeproximity wireless transfer device 20 (i.e., the electronic apparatus10), to some specific devices.

However, if a third party, for example, operates the electronicapparatus 10 without prior consent, and registers the unique ID of anunlawful external device B in the connection permission list, it ispossible that the data in the electronic apparatus 10 is stolen. Thereason is that the connection between the external device B andelectronic apparatus 10 is established if the third party simply touchesthe external device B to the electronic apparatus 10, and data exchangebetween the devices may possibly be started.

The communication control program 12 a has a function of preventing theunique ID of an unlawful external device from being registered in theconnection permission list with use of password verification. To be morespecific, when the communication control program 12 a has received theunique ID of an external device A, which is wirelessly transmitted fromthe external device A that is in close proximity to the electronicapparatus 10, the communication control program 12 a determines whetherthe received unique ID is registered in the connection permission list.If the received unique ID is not registered in the connection permissionlist, the communication control program 12 a recognizes that theexternal device A is a device which has first been touched to theelectronic apparatus 10. In this case, to begin with, the communicationcontrol program 12 a displays on the LCD 15 a screen (password entryscreen) for prompting the entry of the password. Only when the enteredpassword is valid, that is, only when the entered password matches withthe password (registered password) which is already registered in theelectronic apparatus 10, the communication control program 12 aregisters the received unique ID, i.e. the unique ID of the externaldevice A, in the connection permission list. Then, in order to executedata transfer between the close proximity wireless transfer device 20and external device A, the communication control program 12 a starts theoperation for establishing a connection between the close proximitywireless transfer device 20 and external device A.

On the other hand, if the entered password is invalid, the communicationcontrol program 12 a does not register the unique ID of the externaldevice A in the connection permission list. No connection is establishedbetween the close proximity wireless transfer 20 and external device A,and accordingly no data exchange is executed between the close proximitywireless transfer 20 and external device A.

Hence, even if the third party touches the external device B, which isnot registered in the connection permission list, to the electronicapparatus 10, it is possible to prevent such a situation from occurringthat the unique ID of the external device B is unlawfully registered inthe connection permission list.

As has been described above, in the present embodiment, the contentitself of the connection permission list, which is stored in theelectronic apparatus 10, can be protected by using the passwordverification. Thus, the risk of data theft can be reduced withoutexecuting special communication for ensuring security, such asexchanging passwords or key codes between the close proximity wirelesstransfer 20 and external device A. In addition, when the user wishes toexecute communication between a device, which is not registered in theconnection permission list, and the electronic apparatus 10, it shouldsuffice if the user simply performs the operation of touching the deviceto the electronic apparatus 10 and entering the password. Therefore, theconnection between the device, which is not registered in the connectionpermission list, and the electronic apparatus 10 can easily be permittedby only the entry of the password by the user.

The storage device 13 is composed of, e.g. a hard disk drive or anonvolatile semiconductor memory. The input module 14 is an input devicefor inputting data and an instruction, which are to be delivered to theCPU 111. The input module 14 is realized, for example, by a keyboard, aplurality of button switches, or a pointing device.

The LCD 15 is a display device which is used as a display of theelectronic apparatus 10. The sound controller 16 is a sound sourcecircuit for producing sound corresponding to audio data which is sentfrom the CPU 101 a. The sound controller 16 converts the audio data,which is sent from the CPU 101 a, from a digital audio signal to ananalog audio signal, and outputs the analog audio signal to the speaker17. The speaker 17 produces sound corresponding to the analog audiosignal.

The indicator 18 presents the state (e.g. the start of data transfer,the end of data transfer, etc.) of close proximity wireless transferwhich is executed by the close proximity wireless transfer device 20.The indicator 18 includes a light emission module such as an LED.

The power supply control module 19 supplies power to the respectivecomponents in the electronic apparatus 10 by using power which issupplied from the outside via an AC adapter 30 or power which issupplied from a battery 19 b provided in the electronic apparatus 10. Inother words, the electronic apparatus 10 is driven by an external powersupply such as an AC commercial power supply, or by the battery 19 b.The AC adapter 30 may be provided within the electronic apparatus 10.The power supply control module 19 powers on/off the electronicapparatus 10 in accordance with an operation of a power switch (P-SW) 19a by the user.

The close proximity wireless transfer device 20 is a communicationmodule which executes close proximity wireless transfer. The closeproximity wireless transfer device 20 can communicate with some otherdevice (external device) having a close proximity wireless transferfunction, which is present within a predetermined range from the closeproximity wireless transfer device 20. The wireless communicationbetween the close proximity wireless transfer device 20 and the externaldevice is enabled only when the close proximity wireless transfer device20 and the external device are in close proximity, that is, only whenthe distance between the close proximity wireless transfer device 20 andthe external device is decreased to the range of communication (e.g. 3cm) or less. When the close proximity wireless transfer device 20 andthe external device are brought close to each other within the range ofcommunication, the communication between the close proximity wirelesstransfer device 20 and the external device is enabled. Then, theoperation of establishing a connection (wireless connection) between theclose proximity wireless transfer device 20 and the external device, orin other words, the operation of establishing a communication path forcommunication between an application in the electronic apparatus 10 andan application in the external device, is started. After the connection(wireless connection) between the devices is established, transfer ofdata, such as a data file which is explicitly designated by the user, ora predetermined data file which is to be synchronized, is executedbetween the close proximity wireless transfer device 20 and the externaldevice.

In the close proximity wireless transfer, an induction electric field isused. As a close proximity wireless transfer method, TransferJet™, forinstance, can be used. TransferJet™ is a close proximity wirelesstransfer method which uses UWB, and high-speed data transfer can berealized.

The close proximity wireless transfer device 20 is connected to anantenna 20 b. The antenna 20 b is an electrode called “coupler”, andexecutes data transmission and reception to and from the external deviceby a radio signal using an induction electric field. When the externaldevice comes near within the range of communication (e.g. 3 cm) from theantenna 20 b, the antennas (couplers) of the close proximity wirelesstransfer device 20 and the external device are coupled by the inductionelectric field, and thereby wireless communication between the closeproximity wireless transfer device 20 and the external device isenabled. In the meantime, the close proximity wireless transfer device20 and the antenna 20 b can be realized as a single module.

Next, referring to FIG. 2, the structure of the communication controlprogram 12 a is described.

The communication control program 12 a includes a connection controlprogram 121, a connection control driver 122 and a password managementmodule 123. The connection control driver 122 is a program functioningas a protocol stack for controlling the operation of the close proximitywireless transfer device 20. The connection control program 121 is aprogram for controlling the operation for establishing the connectionbetween the close proximity wireless transfer device 20 and the externaldevice. The connection control program 121 executes a function formanaging a connection permission list 124, a function for managing apassword in cooperation with the password management module 123, and afunction for permitting or prohibiting registration of a device in theconnection permission list 124 with use of the password verification.

The connection permission list 124 is information indicative of uniqueIDs of devices which are permitted to establish a connection to theclose proximity wireless transfer device 20. The connection permissionlist 124 is stored, for example, in the storage device 13 provided inthe electronic apparatus 10. The password management module 123 is aprogram for managing passwords. The password management module 123 canmanage, for example, a password (registered password), which is used forthe above-described password verification, in association with each oflog-in users. For example, the password is encrypted, and the encryptedpassword is stored in a registry area, for example. In the presentembodiment, character codes, which are usable as passwords, are limitedto numerals (0-9), and character codes, such as alphabets, cannot beused as passwords. This aims at enabling the user to undergo passwordverification by simply typing and entering some numerals alone, withouttyping and entering character codes such as alphabets.

Next, referring to FIG. 3, an example of the external appearance of theelectronic apparatus 10 is described, assuming that the electronicapparatus 10 is realized as a portable personal computer.

FIG. 3 is a perspective view showing the external appearance of theelectronic apparatus 10.

The electronic apparatus 10 comprises a main body 41 and a display unit42. The display unit 42 is attached to the main body 41 such that thedisplay unit 42 is rotatable between an open position where the topsurface of the main body 41 is exposed, and a closed position where thetop surface of the main body 41 is covered by the display unit 42. Theabove-described LCD 15 is provided in the display unit 42.

The main body 41 has a thin box-shaped housing. A keyboard 14 a, a touchpad 14 b, indicator 18 and power switch 19 a are disposed on the topsurface of the housing of the main body 41.

The top surface of the main body 41, to be more specific, a part of apalm rest area 41 a on the top surface of the main body 41, functions asa communication surface. Specifically, the close proximity wirelesstransfer device 20 and antenna (coupler) 20 b are provided within themain body 41 so as to be opposed to the palm rest area 41 a on the topsurface of the main body 41. The antenna (coupler) 20 b is disposed soas to output a radio signal (induction electric field) to the outsidevia the top surface of the main body 41 (specifically, a part of thepalm rest area 41 a on the top surface of the main body 41). A smallarea on the top surface of the main body 41, which is opposed to theantenna (coupler) 20 b, that is, a small area on the top surface of themain body 41, which is located on the upper side of the antenna(coupler) 20 b, is used as a communication position.

The user can start data transfer between the external device and theelectronic apparatus 10 by performing, for example, an operation (alsoreferred to as “touch operation”) of holding the external device, whichhas the close proximity wireless transfer function, over thecommunication position in the palm rest area 41 a on the top surface ofthe main body 41. In the state in which the electronic apparatus 10 andthe external device are brought in close proximity, it is possible thata part of the keyboard 14 of the electronic apparatus 10, for example,some keys in the keyboard which are located on the palm rest area 41 aside, may be covered with the external device such as a mobile phone,and the operation of such keys may become difficult.

In an ordinary computer, alphabet keys are dispersedly arranged atplural key positions on the keyboard, but all numeral keys areconcentrated on an upper part of the keyboard. In the embodiment, asdescribed above, the character codes, which are usable as passwords, arelimited to the numerals (0-9). Thus, the user can enter, with noproblem, the password, which is composed of only a combination ofnumeral keys, even in the state in which the external device is placedon the palm rest area 41 a, or even in the state in which the externaldevice is held over the palm rest area 41 a of the main body 41.

FIG. 4 illustrates close proximity wireless transfer which is executedbetween a mobile phone 50 and the electronic apparatus 10. An antenna(coupler) 50 b for close proximity wireless transfer is provided withinthe housing of the mobile phone 50 so as to be opposed to the backsurface of the housing. In this case, close proximity wireless transferbetween the mobile phone 50 and electronic apparatus 10 can be startedby bringing the back surface of the housing of the mobile phone 50 overthe communication position on the palm rest area of the main body 41 ofthe electronic apparatus 20.

Next, referring to FIG. 5, a description is given of a softwarearchitecture for controlling close proximity wireless transfer which isexecuted with use of the close proximity wireless transfer device 20.

The software architecture of FIG. 5 shows a hierarchical structure of aprotocol stack for controlling close proximity wireless transfer. Theprotocol stack comprises a physical layer (PHY), a connection layer(CNL), a protocol conversion layer (PCL), and an application layer.

The physical layer (PHY) is a layer which controls physical datatransfer, and corresponds to a physical layer in an OSI reference model.A part or all of the functions of the physical layer (PHY) may also berealized by using hardware in the close proximity wireless transferdevice 20.

The physical layer (PHY) converts data from the connection layer (CNL)to a radio signal. The connection layer (CNL) corresponds to a data linklayer and a transport layer in the OSI reference model, and executesdata communication by controlling the physical layer (PHY).

Responding to a connection request from the protocol conversion layer(PCL) or a connection request from the external device, the connectionlayer (CNL) executes a process of establishing a physical link (CNLconnection) between the close proximity wireless transfer device 20 andthe external device, which are set in a close proximity state. Adescription is now given of the procedure for establishing a CNLconnection between two devices (device 1 and device 2). Of the devices 1and 2, the device which is to start communication, for example, thedevice 1, executes a process for wirelessly transmitting a connectionrequest (C-Req). The connection request (C-Req) may include a unique IDof the device 1. The device 2 periodically executes a process forreceiving the connection request (C-Req). When the device 1 and device 2are in a close proximity state, the device 2 can receive the connectionrequest (C-Req) which is transmitted from the device 1. When the device2 has received the connection request (C-Req), the device 2 wirelesslytransmits to the device 1 a response (C-Acc) which is indicative of theacceptance of the received connection request (C-Req). This response(C-Acc) may include a unique ID of the device 2. The device 1 canreceive the response (C-Acc) which is wirelessly transmitted from thedevice 2. In this manner, the link (CNL connection) between the device 1and device 2 is established by transmitting/receiving the connectionrequest signal (C-Req) and connection response signal (C-Acc) betweenthe device 1 and device 2.

The protocol conversion layer (PCL) corresponds to a session layer and apresentation layer in the OSI reference model, and is positioned betweenthe application layer and the connection layer (CNL) for controllingestablishment and release of the link between the two devices. In orderto establish the connection between the two devices, the protocolconversion layer (PCL) executes control of each application(communication program) in the application layer, and executes controlof the connection layer (CNL).

To be more specific, the protocol conversion layer (PCL) executes aconversion process for converting data (user data), which corresponds toapplication protocols (e.g. SCSI, OBEX, and other general-purposeprotocols) that are handled by the communication programs in theapplication layer, to a specific transmission data format. By thisconversion process, data, which is transmitted/received by any one ofthe communication programs, is converted to packets (data of a specifictransmission data format) which can be handled by the connection layer(CNL). The protocol conversion layer (PCL) enables the use of variousapplication protocols in the close proximity wireless transfer.

In the present embodiment, the protocol conversion layer (PCL) has threemodes (proactive mode, reactive mode and flexible mode), and is operablein one of these three modes.

The proactive mode is a mode for a device to function as a so-calledmaster. A device in the proactive mode can control acommunication-counterpart device (peer device) and can execute a servicesuch as data transfer between devices. The reactive mode is a mode for adevice to function as a so-called slave. A device in the reactive modecan execute a service, such as data transfer between devices, under thecontrol of the peer device.

The default mode of a mobile device, such as a mobile phone, whichcannot be driven by an external power supply, is determined to be thereactive mode in order to reduce power consumption. When an applicationof the mobile device is operated by a user, the mobile deviceautomatically transitions from the reactive mode to the proactive mode.

The device, which is set in the proactive mode, sends a connectionrequest signal C_Req. On the other hand, the device, which is set in thereactive mode, does not send a connection request signal C_Req andaccordingly the power consumption of the device in the reactive mode isrelatively small.

The flexible mode is a mode in which a device can automaticallytransition the own mode to the proactive mode or to the reactive mode inaccordance with the mode of the peer device (proactive mode or reactivemode). The device in the flexible mode transitions to the reactive modeif the mode of the peer device is the proactive mode, and the device inthe flexible mode transitions to the proactive mode if the mode of thepeer device is the reactive mode. The transition to the proactive modeor to the reactive mode is executed, for example, after the CNLconnection between the devices is established.

The default mode of a device, such as a personal computer, which can bedriven by an external power supply such as an AC adapter power supply,is the flexible mode. The device in the flexible mode can send aconnection request signal C_Req. Thereby, for example, even in the casewhere the user brings the mobile phone close to the personal computer(the device in the flexible mode) without operating an application ofthe mobile phone, the CNL connection between the devices can beestablished.

Next, referring to a flow chart of FIG. 6, a description is given of theprocedure of a connection control process which is executed by theelectronic apparatus 10.

The case is assumed in which a mobile device, such as a mobile phone ora digital camera, has been touched to the palm rest area of theelectronic apparatus 10. When the mobile device is touched to the palmrest area of the electronic apparatus 10, communication is startedbetween the close proximity wireless transfer device 20 of theelectronic apparatus 10 and the mobile device. The communication controlprogram 12 a first determines whether the mobile device is a devicewhich has first been touched to the electronic apparatus 10 (step S11).In step S11, the communication control program 12 a receives, via theclose proximity wireless transfer device 20, the unique ID included in asignal (connection request signal C_Req or response signal C_Acc) whichis wirelessly transmitted from the mobile device, and determines whetherthe received unique ID is included in the connection permission list 124or not. If the received unique ID is not included in the connectionpermission list 124, that is, if the received unique ID is notregistered in the connection permission list 124, the communicationcontrol program 12 a determines that the mobile device is a device whichhas first been touched to the electronic apparatus 10. On the otherhand, if the received unique ID is included in the connection permissionlist 124, the communication control program 12 a recognizes that themobile device is a device which is permitted to establish a connectionto the electronic apparatus 10.

If it is determined in step S11 that the mobile device is a device whichis already permitted to establish a connection to the electronicapparatus 10 (NO in step S11), the communication control program 12 aadvances to step S16 and starts the operation for establishing aconnection between the mobile device and the close proximity wirelesstransfer device 20 (step S16). In step S16, the communication controlprogram 12 a executes a negotiation process for determining, forexample, the type of data which is transferred between the mobile deviceand the electronic apparatus 10 and the protocol to be used (e.g. SCSI,OBEX, other general-purpose protocol), and establishes a communicationpath (connection) for communication between the application layer of theelectronic apparatus 10 side and the application layer of the mobiledevice side.

On the other hand, if it is determined in step S11 that the mobiledevice is a device which has first been touched to the electronicapparatus 10 (YES in step S11), the communication control program 12 acauses the LCD 15 to display the password entry screen for prompting theuser to enter the password (step S12). Then, the communication controlprogram 12 a compares the password which has been entered on thepassword entry screen and the registered password. If the enteredpassword is valid, that is, if the entered password is a correctpassword matching with the registered password (YES in step S13), thecommunication control program 12 a adds the unique ID of the mobiledevice to the connection permission list 124 in order to register themobile device as the device which can establish the connection to theelectronic apparatus 10 (step S15). The communication control program 12a advances to step S16 and starts the operation for establishing theconnection between the mobile device and the close proximity wirelesstransfer device 20 (step S16). Although step S16 has been executed afterthe process of step S15, step S15 may be executed after step S16.

If the entered password is invalid, that is, if the password matchingwith the registered password is not entered (YES in step S13), thecommunication control program 12 a rejects the connection between themobile device and the close proximity wireless transfer 20 (step S14).In this case, the unique ID of the mobile device is not added to theconnection permission list 124.

FIG. 7 shows an example of a password registration screen which is usedfor the registration of the password. Responding to the occurrence of apassword registration request event from the user, the communicationcontrol program 12 a causes the LCD 15 to display the passwordregistration screen shown in FIG. 7. As described above, the charactersthat are usable for the password are limited to numerals of, e.g. fourdigits or less.

FIG. 8 shows an example of the password entry screen for passwordverification. The password entry screen is described, assuming the casein which the electronic apparatus 10 is realized by a computer.

The password entry screen, as shown in FIG. 8, displays a message forprompting the user to confirm whether the detected device (the devicetouched to the electronic apparatus 10) is to be registered as thedevice which is connectable to the electronic apparatus 10, and alsodisplays the device name and device ID of the detected device. Thedevice name and device ID are displayed based on the unique ID which hasbeen received from the detected device. The password entry screenfurther displays a password entry field.

If the “OK” button is clicked in the state in which the correct passwordis entered in the password entry field, the unique ID of the detecteddevice is added to the connection permission list 124, and thereby thisdevice is registered as the device which is connectable to theelectronic apparatus 10. If the correct password is not entered or ifthe “Cancel” button is clicked, the unique ID of the detected device isnot added to the connection permission list 124.

Next, referring to FIG. 9, a description is given of an example of asetup screen for setting up the operational environment of the closeproximity wireless transfer. This setup screen is displayed on the LCD15 by the communication control program 12 a.

A “Connection device list” tab on the setup screen is used in order tomanage the list of devices which are connectable to the electronicapparatus 10. The “Connection device list” displays a device list window201, a registration cancel button 202, mode select check boxes 203 and204, and a password registration button 205.

The device list window 201 displays the list of the devices which areconnectable to the electronic apparatus 10, based on unique IDs in theconnection permission list 124. If the registration cancel button 202 isclicked in the state in which a certain device in the device list window201 is selected, the unique ID corresponding to the selected device isdeleted from the connection permission list 124.

The mode select check boxes 203 and 204 are used in order to determinethe operation mode for controlling the close proximity wirelesstransfer, that is, the operation mode of the connection controloperation which is executed by the communication control program 12 a.In the present embodiment, two modes, in general classification, areused for the connection control. A first mode is an operation mode inwhich password entry is requested when a non-registered device (a devicefirst touched to the electronic apparatus 10) has been detected. Asecond mode is an operation mode in which password entry is notrequested when a non-registered device (a device first touched to theelectronic apparatus 10) has been detected.

If the mode select check box 203 is checked, the operation mode of theconnection control operation is set in the first mode (authentication &password entry mode). During the period in which the operation mode isthe first mode, the communication control program 12 a displays thepassword entry screen of FIG. 8 when a non-registered device (a devicefirst touched to the electronic apparatus 10) has been detected.

If the mode select check box 204 is checked, the operation mode of theconnection control operation is set in an auto-registration mode. Theauto-registration mode is a kind of the above-described second mode.During the period in which the operation mode is the auto-registrationmode, the communication control program 12 a does not display any kindof screen, such as the password entry screen, when a non-registereddevice (a device first touched to the electronic apparatus 10) has beendetected, and automatically adds the unique ID of the non-registereddevice to the connection permission list 124.

If neither the mode select check box 203 nor 204 is checked, theoperation mode of the connection control operation is set in anauthentication mode. The authentication mode is also a kind of thesecond mode. During the period in which the operation mode is theauthentication mode, the communication control program 12 a does notdisplay the password entry screen when a non-registered device (a devicefirst touched to the electronic apparatus 10) has been detected, anddisplays only a confirmation screen for prompting the user to confirmwhether the detected device is to be added to the connection permissionlist 124. Only when the addition to the connection permission list 124is permitted by the user, the communication control program 12 a addsthe unique ID of the detected device to the connection permission list124. Both the mode select check boxes 203 and 204 cannot be checked atthe same time.

In the present embodiment, as described above, using the setup screen ofFIG. 9, the user can select, as needed, the first mode (authentication &password entry mode) or the second mode (authentication mode orauto-registration mode). Thus, for example, the user can perform such anoperation that the user first uses the second mode to register somemobile devices owned by the user (e.g. a mobile phone, a digital camera,an audio player, etc.) as devices which are connectable to theelectronic apparatus 10, and then switches the operation mode to thefirst mode to enhance the level of security. Even after the switching iseffected to the first mode, as regards the device having the unique IDregistered in the connection permission list 124, the user can easilyperform data exchange between this device and the electronic apparatus10, simply by touching the device to the electronic apparatus 10.Specifically, during the period of the first mode, when the devicehaving the unique ID already registered in the connection permissionlist 124 has been touched to the electronic apparatus 10, neither thepassword entry screen nor the confirmation screen is displayed, and theoperation for establishing the connection between this device and theelectronic apparatus 10 is immediately started. The entry of thepassword is requested only when a device having a unique ID notregistered in the connection permission list 124 has been touched to theelectronic apparatus 10. Since the entry of the password is notrequested unless a new device is touched to the electronic apparatus 10,the user may forget the registered password.

In the present embodiment, in order to easily cope with the case inwhich the user forgets the registered password, a passwordre-registration function (also referred to as “registered passwordchange function”) is provided for changing the registered password to anew password, without requesting the entry of the password agreeing withthe registered password. The password registration button 205 is abutton for generating a password registration request event. If thepassword registration button 205 is clicked, the password registrationscreen for password registration or password re-registration isdisplayed. The password registration button 205 can be used forfirst-time password registration and the above-described passwordre-registration.

However, the use of the password re-registration function incurs such arisk that a malicious third party rewrites the registered password toanother password. To cope with this problem, the communication controlprogram 102 a is provided with a password registration date and timedisplay function which displays on the LCD 15 the previous password dateand time, that is, the date and time at which the password was lastregistered. For example, as shown in FIG. 9, the previous passwordregistration date and time is displayed on the “Connection device list”tab screen. By viewing the previous password registration date and time,the user can recognize whether the registered password has unlawfullybeen changed by a third party.

Next, referring to FIG. 10, a description is given of the relationshipbetween the password entry screen, which is displayed in theauthentication & password entry mode (mode 1), and the confirmationscreen (also referred to as “authentication screen”), which is displayedin the authentication mode (mode 2).

The password entry screen, as described above, displays the device nameand device ID of the device which has first been touched to theelectronic apparatus 10, the message for prompting the user to confirmwhether this device is to be registered as the device which isconnectable to the electronic apparatus 10, and the password entryfield. If the “OK” button on the password entry screen is clicked in thestate in which the correct password is entered on the password entryscreen, the unique ID of this device is added to the connectionpermission list 124.

The confirmation screen displays the device name and device ID of thedevice which has first been touched to the electronic apparatus 10, andthe message for prompting the user to confirm whether this device is tobe registered as the device which is connectable to the electronicapparatus 10, and does not display the password entry field. If the “OK”button on the confirmation screen is clicked, the unique ID of thisdevice is added to the connection permission list 124.

In the auto-registration mode (mode 3), even if a device, which hasfirst been touched to the electronic apparatus 10, is detected, neitherthe password entry screen nor the confirmation screen is displayed.

Next, referring to a flow chart of FIG. 11, a description is given ofthe procedure of the connection control process corresponding to theauthentication & password entry mode (mode 1), the authentication mode(mode 2) and the auto-registration mode (mode 3).

When the mobile device is touched to the palm rest area of theelectronic apparatus 10, communication is started between the closeproximity wireless transfer device 20 of the electronic apparatus 10 andthe mobile device. To begin with, the communication control program 12 adetermines whether the mobile device is a device which has first beentouched to the electronic apparatus 10 (step S21). In step S21, thecommunication control program 12 a receives, via the close proximitywireless transfer device 20, the unique ID included in a signal(connection request signal C_Req or response signal C_Acc) which iswirelessly transmitted from the mobile device, and determines whetherthe received unique ID is included in the connection permission list 124or not. If the received unique ID is not included in the connectionpermission list 124, that is, if the received unique ID is notregistered in the connection permission list 124, the communicationcontrol program 12 a recognizes that the mobile device is a device whichhas first been touched to the electronic apparatus 10. On the otherhand, if the received unique ID is included in the connection permissionlist 124, the communication control program 12 a recognizes that themobile device is a device which is permitted to establish a connectionto the electronic apparatus 10.

If it is determined in step S21 that the mobile device touched to theelectronic apparatus 10 is a device which is already permitted toestablish a connection to the electronic apparatus 10 (NO in step S21),the communication control program 12 a advances to step S27 and startsthe operation for establishing a connection between the mobile deviceand the close proximity wireless transfer device 20.

On the other hand, if it is determined in step S21 that the mobiledevice is a device which has first been touched to the electronicapparatus 10 (YES in step S21), the communication control program 12 adetermines whether the present operation mode is the authentication &password entry mode (mode 1), the authentication mode (mode 2) and theauto-registration mode (mode 3) (step S22).

If the present operation mode is the authentication & password entrymode (mode 1), the communication control program 12 a executes the sameprocess as the process of steps S12 to S16 of the flow chart of FIG. 6(steps S23 to S27).

If the present operation mode is the authentication mode (mode 2), thecommunication control program 12 causes the LCD 15 to display theconfirmation screen for confirming whether the mobile device, which hasfirst been touched, is to be registered as the device which isconnectable to the electronic apparatus 10, thereby asking the userwhether this mobile device is to be registered as the device which isconnectable to the electronic apparatus 10 (step S28). If the “OK”button on the confirmation screen is clicked (YES in step S29), thecommunication control program 12 a adds the unique ID of the mobiledevice to the connection permission list 124 in order to register themobile device as the device which can establish the connection to theelectronic apparatus 10 (step S26). The communication control program 12a advances to step S27 and starts the operation for establishing theconnection between the mobile device and the close proximity wirelesstransfer device 20. If the “Cancel” button on the confirmation screen isclicked (NO in step S29), the communication control program 12 a rejectsthe connection between the mobile device and the close proximitywireless transfer 20 (step S25). In this case, the unique ID of themobile device is not added to the connection permission list 124.

If the present operation mode is the auto-registration mode (mode 3),the communication control program 12 a adds the unique ID of the mobiledevice to the connection permission list 124 in order to register themobile device as the device which can establish the connection to theelectronic apparatus 10 (step S26). The communication control program 12a advances to step S27 and starts the operation for establishing theconnection between the mobile device and the close proximity wirelesstransfer device 20.

Next, referring to FIG. 12, a description is given of a process which isexecuted by the communication control program 12 a when the check markin the mode select check box 203 is cleared.

If the clearing of the check mark in the mode select check box 203 isunconditionally permitted, it is possible that a malicious third partyunlawfully changes the present operation mode from the authentication &password entry mode to the authentication mode or the auto-registrationmode. Thus, when the check mark in the mode select check box 203 iscleared, that is, when a mode change request event has occurred for achange from the authentication & password entry mode to theauthentication mode or the auto-registration mode, the communicationcontrol program 12 a causes the LCD 15 to display a password entryscreen 300, as shown in FIG. 12. Only when the correct password matchingwith the registered password is entered on the password entry screen300, the communication control program 12 a permits a change of themode, and changes the present mode from the authentication & passwordentry mode to the authentication mode or the auto-registration mode.

Next, a password re-registration function is described.

When the password registration button 205 shown in FIG. 9 is clicked inthe state in which the password is already registered, the communicationcontrol program 12 a displays a confirmation screen 400, as shown inFIG. 13. The confirmation screen 400 displays a message to the effectthat if the password is re-registered, the registration of all devicesis canceled.

If the “Yes” button on the confirmation screen 400 is clicked, thepassword registration screen of FIG. 7 is displayed. If the “OK” buttonis clicked on the password registration screen on which a password hasbeen entered, this password is registered as a new registered passwordin the electronic apparatus 10, and all the IDs included in theconnection permission list 124 are deleted. In the present embodiment,as described above, the change of the registered password is permittedwithout executing password verification which requires the entry of thepassword matching with the registered password. However, when theregistered password is changed, the contents of the connectionpermission list 124 are cleared. By once clearing the contents of theconnection permission list 124 in this manner, the connection controlprocess based on the changed, new registered password can be re-startedfrom the default state (i.e. the state in which no ID is registered inthe connection permission list 124). If the No button on theconfirmation 400 is clicked, the screen returns to the “Connectiondevice list” tab screen of FIG. 9.

Next, referring to a flow chart of FIG. 14, the procedure of thepassword registration/re-registration process is described.

When the password registration button 205 on the “Connection devicelist” tab screen of FIG. 9 is clicked (YES in step S31), thecommunication control program 12 a determines whether the registeredpassword is already present, that is, whether the password is alreadyregistered (step S32).

If no registered password is stored (NO in step S32), the communicationcontrol program 12 a causes the LCD 15 to display the passwordregistration screen of FIG. 7 (step S33). The communication controlprogram 12 a stores a password, which has been entered on the passwordregistration screen, in the registry as a registered password (stepS34). Further, the communication control program 12 a stores the presentdate and time as the date and time of storage of the registeredpassword, that is, the password registration date and time, and displaysthe password registration date and time on the “Connection device list”tab screen of FIG. 9 (step S35).

If the registered password is already stored (YES in step S32), thecommunication control program 12 a causes the LCD 15 to display theconfirmation screen 400 of FIG. 13 (step S36). If the “Yes” button onthe confirmation screen 400 of FIG. 13 is clicked, the communicationcontrol program 12 a causes the LCD 15 to display the passwordregistration screen of FIG. 7 (step S37). Then, the communicationcontrol program 12 a executes a process of storing a password, which isentered on the password registration screen, in the registry as a newregistered password, that is, a process of updating the already storedregistered password to the new password which has been entered on thepassword registration screen (step S38). Subsequently, the communicationcontrol program 12 a deletes the IDs in the connection permission list124, and clears the connection permission list 124 (step S39). Inaddition, the communication control program 12 a stores the present dateand time as the date and time of storage of the registered password,that is, the password registration date and time, and displays thepassword registration date and time on the “Connection device list” tabscreen of FIG. 9 (step S35). Thus, the password registration date andtime displayed on the “Connection device list” tab screen of FIG. 9 isupdated each time the re-registration of the password is executed.

As has been described above, according to the present embodiment, theconnection permission list itself, which is stored in the electronicapparatus 10, is protected by using the password verification. Thereby,the risk of data theft can be reduced without executing specialcommunication such as an exchange of the password between the closeproximity wireless transfer device 20 and the external device. Besides,when the user wishes the communication between a device, which is notregistered in the connection permission list, and the electronicapparatus 10, the user can perform data transfer between the device thatis to be used and the electronic apparatus 10, simply by performing anoperation of touching this device to the electronic apparatus 10 andentering the password.

In the present embodiment, the electronic apparatus 10 has beendescribed, by way of example, as being realized as the personalcomputer. Alternatively, the electronic apparatus 10 may be realized asa portable device such as a mobile phone or a PDA.

The functions of the communication control program of the embodiment mayalso be realized as hardware modules.

The various modules of the systems described herein can be implementedas software applications, hardware and/or software modules, orcomponents on one or more computers, such as servers. While the variousmodules are illustrated separately, they may share some or all of thesame underlying logic or code.

While certain embodiments have been described, these embodiments havebeen presented by way of example only, and are not intended to limit thescope of the inventions. Indeed, the novel embodiments described hereinmay be embodied in a variety of other forms; furthermore, variousomissions, substitutions and changes in the form of the embodimentsdescribed herein may be made without departing from the spirit of theinventions. The accompanying claims and their equivalents are intendedto cover such forms or modifications as would fall within the scope andspirit of the inventions.

What is claimed is:
 1. An electronic apparatus comprising: acommunication device configured to execute close proximity wirelesstransfer; and a controller configured to restrict devices which areconnectable to the communication device by using a connection permissionlist indicative of identifiers of one or more devices which arepermitted to establish a connection for close proximity wirelesstransfer with the communication device, wherein the controller isconfigured to determine whether an identifier of an external device inclose proximity to the communication device is on the connectionpermission list, the identifier being wirelessly transmitted from theexternal device to the communication device, wherein the controller isconfigured to start an operation of establishing a connection betweenthe communication device and the external device if the identifier ofthe external device is on the connection permission list, and whereinthe controller is configured to display a password entry screenprompting a user of the electronic apparatus to confirm whether theexternal device is to be registered as a device which is permitted toestablish a connection for close proximity wireless transfer with thecommunication device if the identifier is not on the connectionpermission list, and if a password entered on the password entry screenmatches with a registered password, the controller is configured to addthe identifier to the connection permission list to register theexternal device as the device which is permitted to establish aconnection for close proximity wireless transfer with the communicationdevice.
 2. The electronic apparatus of claim 1, wherein the controlleris further configured to set an operation mode of controlling the closeproximity wireless transfer to either a first mode or a second mode,wherein the controller is configured to display the password entryscreen if the identifier is not on the connection permission list in thefirst mode, and wherein the controller is configured to add theidentifier to the connection permission list if the identifier is not onthe connection permission list in the second mode.
 3. The electronicapparatus of claim 2, wherein the controller is configured to display aconfirmation screen which allows a user to confirm whether the deviceidentified by the identifier is to be added to the connection permissionlist, if the identifier is not on the connection permission list in thesecond mode, and to add the identifier to the connection permission listif the user confirms that the device is to be added.
 4. The electronicapparatus of claim 1, wherein the controller is further configured: todisplay a password registration screen in response to a passwordregistration request, and to store a password entered on the passwordregistration screen as the registered password; and to display apassword registration screen if the password registration request isreceived in a state where the registered password is stored, to store apassword entered on the password registration screen as a new registeredpassword, and to delete identifiers on the connection permission list.5. The electronic apparatus of claim 1, wherein the controller isfurther configured to restrict the registered password to comprise onlynumerals.
 6. A communication control method of controlling closeproximity wireless transfer of a communication device in an electronicapparatus, comprising: determining whether an identifier of an externaldevice in close proximity to the communication device is on a connectionpermission list, the connection permission list being indicative ofidentifiers of one or more devices which are permitted to establish aconnection for close proximity wireless transfer with the communicationdevice, the identifier being wirelessly transmitted from the externaldevice to the communication device; starting an operation ofestablishing a connection between the communication device and theexternal device if the identifier is on the connection permission list;displaying a password entry screen prompting a user of the electronicapparatus to confirm whether the external device is to be registered asa device which is permitted to establish a connection for closeproximity wireless transfer with the communication device if theidentifier is not on the connection permission module; and adding, if apassword entered on the password entry screen matches with a registeredpassword, the identifier to the connection permission list to registerthe external device as the device which is permitted to establish aconnection for close proximity wireless transfer with the communicationdevice.
 7. The communication control method of claim 6, furthercomprising setting an operation mode of controlling the close proximitywireless transfer to either a first mode or a second mode, wherein thepassword entry screen is displayed if the identifier is not on theconnection permission list in the first mode, and wherein the identifieris added to the connection permission list if the identifier is notincluded in the connection permission list in the second mode.
 8. Thecommunication control method of claim 6, further comprising: displayinga password registration screen in response to a password registrationrequest, and storing a password entered on the password registrationscreen as the registered password; and displaying a passwordregistration screen when the password registration request is receivedin a state where the registered password is stored, changing the storedregistered password to a password entered on the password registrationscreen, and deleting identifiers on the connection permission list.